Your Privacy Matters to Us

At Tradeshift, ensuring the security and privacy of the data you’ve trusted us with is a top priority throughout the company. Those efforts include compliance with the European General Data Protection Regulation (GDPR) that goes into effect on May 25th, 2018. The GDPR is a comprehensive European privacy law designed to ensure transparency, accountability, purpose limitation, accuracy, integrity and confidentiality and is core to the controls and processes we have in place to ensure we handle and process your data in accordance with your wishes.

Our Commitment to Data Security

Security and confidentiality of our customers’ data has been central to the design and operation of the Tradeshift Platform since inception. Our rigorous and ever-expanding compliance program includes 3rd party audits that enable us to provide our customers reports validating the security of the platform with standards such as SOC 1 Type II, SOC 2 Type II, ISAE 3402 Type II, Payment Card Industry (PCI-DSS) Level 1 and ISO 27001. Tradeshift is also a certified under the EU-US Privacy Shield program which covers cross-border data transfers to the US and was similarly certified under the preceding program, the US-EU Safe Harbor. More information about our participation in this program can be found in our privacy policy.

If you already use Tradeshift and need to sign a Data Processing Addendum with us, you can begin the process by clicking here.

If you would like to submit a request related to your personal data, you may email or fill out this form.

For a listing of the subprocessors in use by Tradeshift, click here.

Tradeshift GDPR efforts

We have numerous changes to our internal processes, policies and products currently underway to further strengthen our comprehensive data privacy and compliance programs. Our goal is to ensure that our customers feel confident with Tradeshift as a trusted data processor. Some of the major changes already done and which will be in place before May 25, 2018 include:

  • Building a universal Data Governance service on the platform to ensure consent is captured globally across the platform and commercial sites.
  • Company-wide and department-specific data protection training for all Tradeshift employees.
  • Documenting all external services in use companywide and ensuring compliance and transparency where data is shared.
  • Updates of our privacy policy and terms of service to reflect changes related to GDPR.
  • Building internal policies covering requests for information, the ability to correct personal information and likewise, to delete it.


Tradeshift is constantly evolving and expanding our security and compliance offerings to ensure an ever greater level of comfort and assurance to all users. We look forward to being a strong partner as you manage your ever growing global supply chain. If you have additional questions about Tradeshift’s privacy or security practices or want to obtain an update on our progress, please contact your sales representative for more information.